Attacks, Threats, and Vulnerabilities
This is the real story of the Afghan biometric databases abandoned to the Taliban (MIT Technology Review) By capturing 40 pieces of data per person—from iris scans and family links to their favorite fruit—a system meant to cut fraud in the Afghan security forces may actually aid the Taliban.
J&K cops cracking down on 'white-collar jihadis', term them 'worst terrorists' (Firstpost) A new generation of terrorists has emerged in Jammu and Kashmir, as per the state police. Termed 'white-collar jihadis', these people use the anonymity offered by cyberspace to create unrest in the Valley. The battleground is new, where conventional weaponry and the fighting zones of a warren of narrow streets and forests are replaced by computers and smartphones to wage war from just about anywhere — in Kashmir or outside, safe inside their homes or out on the streets, from a nearby cafe or even just a convenient roadside, say police.
Report: Indonesian Government’s Covid-19 App Accidentally Exposes Over 1 Million People in Massive Data Leak (vpnMentor) Led by Noam Rotem and Ran Locar, vpnMentor’s research team discovered a data breach in the Indonesian government’s eHAC program created to tackle the COVID-19 pandemic spread in
Microsoft Azure Cosmos DB Vulnerability Allows ‘Manipulation’ of Customer Data: Report (CRN) Cybersecurity company Wiz issued a report on a Microsoft Azure Cosmos DB vulnerability that could allow hackers to download and edit commercial data.
Hackers steal $29 million from crypto-platform Cream Finance (The Record by Recorded Future) Hackers are estimated to have stolen more than $29 million in cryptocurrency assets from Cream Finance, a decentralized finance (DeFi) platform that allows users to loan and speculate on cryptocurrency price variations.
Bangkok Airways hit by LockBit ransomware attack, loses lotsa data after refusing to pay (Register) Partial credit card numbers appear and, worse still, passengers' meal preferences
Cyber attack threat looms over Glasgow climate conference (Business Insurance) Scottish police and security experts have issued warning for possible cyber attacks on the infrastructure of Glasgow – the venue for the 2021 United Nations Climate Change Conference.
LockFile ransomware uses intermittent encryption to evade detection (CSO Online) This newly discovered ransomware works fast, has multiple ways to avoid detection, and preys on Windows systems with known vulnerabilities.
How ransomware runs the underground economy (CSO Online) Ransomware gangs are adopting all the core elements of legitimate businesses—including defined staff roles, marketing plans, partner ecosystems, and even venture capital investments—and some hallmarks of more traditional criminal enterprises.
Vulnerability Summary for the Week of August 23, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
CISA: Don’t use single-factor auth on Internet-exposed systems (BleepingComputer) Single-factor authentication (SFA) has been added today by the US Cybersecurity and Infrastructure Security Agency (CISA) to a very short list of cybersecurity bad practices it advises against.
Bad Practices (CISA) As recent incidents have demonstrated, cyberattacks against critical infrastructure can have significant impacts on the critical functions of government and the private sector.
Division 1 College Football Teams and Mascots Keep Showing Up on Breached Password Lists (Specops Software) The Rambling Wreck of Georgia Tech may not have earned a single vote in the AP’s preseason college football Top 25 rankings, but when it comes...
Boris Johnson ignored security guidance over use of personal phone (Computing) A classified document warned ministers in 2019 that hackers could compromise their personal devices
Security Patches, Mitigations, and Software Updates
Update on the vulnerability in the Azure Cosmos DB Jupyter Notebook Feature (Microsoft Security Response Center) On August 12, 2021, a security researcher reported a vulnerability in the Azure Cosmos DB Jupyter Notebook feature that could potentially allow a user to gain access to another customer’s resources by using the account’s primary read-write key. We mitigated the vulnerability immediately.
Microsoft Azure Cosmos DB Guidance (CISA) CISA is aware of a misconfiguration vulnerability in Microsoft’s Azure Cosmos DB that may have exposed customer data. Although the misconfiguration appears to have been fixed within the Azure cloud, CISA strongly encourages Azure Cosmos DB customers to roll and regenerate their certificate keys and to review Microsoft’s guidance on how to Secure access to data in Azure Cosmos DB.
Trends
What are the cybersecurity threats every board needs to be aware of today? (ITProPortal) As cybercrime becomes more prevalent what are the threats to watch out for
Outpatient Facilities Now Top Targets for Healthcare Data Breaches (Health IT Security) Cyber criminals are shifting their healthcare data breach targets away from hospitals and onto outpatient facilities and business associates, a new report shows.
Does the World Really End This Way? (The Cipher Brief) BOOK REVIEW: This is How They Tell Me the World Ends: The Cyberweapons Arms Race By Nicole Perlroth / Bloomsbury Publishing Reviewed by Christopher Gallup The Author: Nicole Perlroth is an award-winning staff writer at The New York Times, she covers digital espionage, and cybersecurity. The Reviewer: Christopher Gallup is a Senior Cloud Security Architect, …
Marketplace
Check Point Buys Cloud Email Security Provider Avanan (SecurityWeek) Israeli software giant Check Point joins the cybersecurity shopping spree with a definitive deal to acquire cloud-based email security firm Avanan
EIB signs €15 million deal with Dutch cybersecurity company EclecticIQ (Devdiscourse) The EIB financing is backed by the European Commission through the European Fund for Strategic Investments (EFSI), the main pillar of the Investment Plan for Europe.
Tesserent reports growth amid investments in software platform (CRN Australia) After integrating its six acquisitions in 12 months.
$9 billion Tanium quietly laid off most of its senior product marketers, a month after its latest CMO left, sources say (Business Insider) Cybersecurity firm Tanium had layoffs last week, impacting mostly employees in marketing. The company is currently assessing if it's ready to IPO.
Former Mossad chief's cybersecurity company to operate in Gulf (Globes) Tamir Pardo's XM Cyber will bid to protect infrastructures in the UAE and Bahrain, as part of a consortium led by Rafael.
Georgia answering the nation's call for more cybersecurity workers (Savannah Morning News) Georgia again finds itself sitting on unique resources and is positioned to dominate this field critical to the economy and to national security
Votiro Appoints Ravi Srinivasan as Chief Executive Officer to Accelerate Company’s Zero Trust Strategy to File Security (BusinessWire) Votiro appoints veteran product executive Ravi Srinivasan as Chief Executive Officer to accelerate global market expansion.
Keeper Security Welcomes Erin Howe as New VP of Global Sales Strategy & Operations (PR Newswire) Keeper Security, the leading provider of zero-knowledge security and encryption software covering password management, dark web monitoring,...
Products, Services, and Solutions
Safetech Innovations becomes a cybersecurity auditor (Business Review) Safetech Innovations, a Romanian cybersecurity company listed on the AeRO market of the Bucharest Stock Exchange, receives the cybersecurity auditor
Giant Oak Offers Screening Product GOST to Aid Afghan Refugees (Giant Oak) In an effort to expedite the processing of Afghan refugees, Giant Oak is offering complimentary use of GOST to government organizations.
Check Point CloudGuard Network Security is a Launch Partner for Amazon VPC Enhanced Routing (Check Point Software) By Jonathan Maresky, Cloud Product Marketing Manager, published August 31, 2021 In my previous blog post I wrote about the three pillars of CloudGuard:
Peraton, AFRL Launch X-ARBITOR Cross-Domain Platform (Executive Gov) A cross-domain platform developed by Peraton and the U.S. Air Force Research Laboratory (AFRL) has b
CyberGRX Joins AWS ISV Accelerate Program (BusinessWire) CyberGRX has joined Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate Program, expanding access to its Exchange platform.
Corelight Named to U.S. Department of Defense Enterprise Software Initiative (PR Newswire) Corelight, provider of the industry's leading open network detection and response (NDR) platform, today announced that it has been named a...
SlashNext Launches Email Spear Phishing Detection and Response for Microsoft 365 (PR Newswire) SlashNext, the leader in SaaS-based spear-phishing and human hacking defense across all digital channels and apps, today announced the...
Attivo Networks and Swimlane Partner to Provide Detailed View Into Attack Methods Targeting Organizations (BusinessWire)
Technologies, Techniques, and Standards
Do the Chinese “own” our electric grids and other infrastructures? (Control Global) This blog could have been written by the famous threat analyst Pogo Possum who said: “we have met the enemy and they is us”. Presidential Executive Order (EO) 13920 was meant to prevent the use of Chinese-made products in critical bulk electric grid applications. The EO was also meant to address hardware supply chain issues as the Chinese had installed hardware backdoors that bypassed all cyber security protections. However, neither is happening. As a result, China is in a position to “own” our electric grids and other critical infrastructures at times of their choosing.
Security Compass Partners with International Society of Automation to Further the Adoption of Security Standards for Industrial Automation and Control Systems (BusinessWire) Security Compass today announced a partnership with the International Society of Automation (ISA).
Trusted Identities Leader Rebecca Archambault of Highmark Western and Northeastern New York Joins Identity Defined Security Alliance Customer Advisory Board (BusinessWire) The Identity Defined Security Alliance, a nonprofit providing vendor-neutral resources, today announced new members and technical working groups.
President's Cup Cybersecurity Competition (CISA) The President's Cup Cybersecurity Competition is a national cyber competition aiming to identify, recognize, and reward the best cybersecurity talent in the federal executive workforce.
CISA Releases Guidance on Protecting PII From Ransomware Attacks (Health IT Security) CISA released a fact sheet on protecting PII from ransomware attacks in light of recent high-profile cyberattacks that put personal data in jeopardy.
Protecting Sensitive and Personal Information from Ransomware-Caused Data Breaches (CISA) Ransomware is a serious and increasing threat to all government and private sector organizations, including critical infrastructure organizations. In response, the U.S. government launched StopRansomware.gov, a centralized, whole-of-government webpage providing ransomware resources, guidance, and alerts.
Why Kubernetes isn’t just another tech buzzword (IT Brief) While Kubernetes itself sits in the developer and engineering realm, it has notable flow-on effects on the wider business.
Kaspersky’s advice against online bullies (TahawulTech.com) In 2020, as countries around the world were forced into lockdown, the number of online gamers skyrocketed. In fact, by the end of March 2020, the number of both active users and concurrent users actively playing games on Steam (the most popular online gaming platform, community, and store) reached an all-time record. Consequently, in-game abuse and online bullying equally peaked.
Legislation, Policy, and Regulation
Opinion | Russia and China Eye a Retreating U.S. (Wall Street Journal) Beijing will push for more sway in Pakistan; Moscow will try in Central Asia’s former Soviet republics.
Inside Vladimir Putin’s Shadowy Army of Global Spies (The Daily Beast) The untold story of how Vladimir Putin created his own foreign intelligence service to shore up his standing in post-Soviet Russia.
Kremlin brands last independent TV journalists as ‘foreign agents’ (independent) Russian journalists are compulsively checking whether they have been blacklisted for being “foreign agents” as the Kremlin cracks down on information channels.
Biden Must Stop Russia’s Illicit Procurement of Sensitive American Technologies (FDD) Analysis, Op-eds | August 30, 2021 | Federal agents last year raided a New Hampshire company linked to the Russian Federal Security Services, or FSB, according to court documents unsealed in July. Investigators acted on evidence that the...
China Slashes Kids’ Gaming Time to Just Three Hours a Week (Bloomberg) The country is imposing its strictest limits yet on play time. Beijing signalled it would continue large tech company curbs.
Singapore government expands bug hunt with hacker rewards scheme (ZDNet) Singapore's government CIO has introduced a bug-hunting programme that offers up to $5,000 for white hackers to uncover security vulnerabilities in systems used by the public sector.
OMB Provides Tiered Instructions on Logging Requirements in Executive Order (Nextgov.com) A memo for agencies assigns criticality levels to monitoring activities along various categories and sets deadlines for compliance.
The Lobby Network: Big Tech's Web of Influence in the EU (Corporate Europe) As Big Tech’s market power has grown, so has its political clout.
UK's attempts to rewrite laws could risk data arrangement with the EU (Computing) The EU can terminate its adequacy decision with the UK, in cases where developments affect users' privacy
Litigation, Investigation, and Law Enforcement
Regulators Tighten Scrutiny of Data Breach Disclosures by Companies (Wall Street Journal) Companies must pay closer attention to what they say after hackers strike, lawyers warn, as regulators crack down on inaccurate disclosures and Congress debates mandatory reporting of cybersecurity breaches.
SEC Sanctions Brokerages Over Email Break-Ins (Wall Street Journal) The enforcement actions are the latest example of the U.S. Securities and Exchange Commission penalizing brokerages and money managers over hacks. The SEC alleged the three firms failed to implement adequate policies to protect customer information and respond to cybersecurity risks
T-Mobile Hit With Another Proposed Class Action Over Data Breach (Bloomberg Law) T-Mobile U.S. Inc. was slapped with another proposed class action accusing the telecommunications company of acting negligently and failing to safeguard consumers’ personally identifiable information from a recent data breach.
Companies Go Scot-Free Despite Breach of Customer Data (Moneylife) Companies like Byju’s, Bigbasket, MobiKwik and several others have had a data breach, at least once. None of them were penalised due to the lack of a specific provision against data breach in the Information Technology Act of 2000 and a separate comprehensive statute on data protection laws, writes VISHAL RAGHAVAN.
DC Circuit issues two notable FOIA decisions (The Reporters Committee for Freedom of the Press) One case involved records related to the Intelligence Community’s duty to warn Jamal Khashoggi about impending threats to his life.
Mum wins legal battle after Havant school gave ex her address despite having fled him for a refuge (Portsmouth News) A MOTHER who fled her home due to domestic violence was harassed by an ex - after he got her address from an infant school.